I'd argue that as long as an intermediate is passing out BS certs, nobody (modulo cert pinning etc) who trusts that intermediate or its root is truly protected.